From 642151017337603f07c89f667d027c6179f5b60e Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Sun, 21 Mar 2021 23:51:12 +0700
Subject: [PATCH] Add: PwC-IR/Office-365-Extractor to DFIR section

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 8e252df..4773a14 100644
--- a/README.md
+++ b/README.md
@@ -1304,6 +1304,10 @@ This repository is created as an online bookmark for useful links, resources and
 		<td><a href="https://github.com/PUNCH-Cyber/stoq">PUNCH-Cyber/stoq</a></td>
 		<td>An open source framework for enterprise level automated analysis.</td>
 	</tr>
+    <tr>
+        <td><a href="https://github.com/PwC-IR/Office-365-Extractor">PwC-IR/Office-365-Extractor</a></td>
+        <td>The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)</td>
+    </tr>
     <tr>
         <td><a href="https://github.com/refractionPOINT/limacharlie">refractionPOINT/limacharlie</a></td>
         <td>LC is an Open Source, cross-platform (Windows, MacOS, Linux ++), realtime Endpoint Detection and Response sensor. The extra-light sensor, once installed on a system provides Flight Data Recorder type information (telemetry on all aspects of the system like processes, DNS, network IO, file IO etc).</td>